Suggested by Amiga600 in https://bugs.unrealircd.org/view.php?id=5784
This also fixes a bug with log::maxsize on Windows (cannot overwrite
existing file with .old).
It simplifies the logging code a little and makes it a tad more readable.
And it adds an unreal_strftime() function to make things easy.
extern int strnatcmp(char const *a, char const *b);
extern int strnatcasecmp(char const *a, char const *b);
This will be handy for version comparisons. For example they will
return -1 (=lower) for things like ("1.4.9", "1.4.10"), unlike strcmp.
Also, some loosely related spelling fixes elsewhere.
Disable these warnings, though:
C4267: downgrade of size_t to int and such. pointless...
C4101: unreferenced local variable
C4018: signed/unsigned mismatch
C4244: implicit conversions with "possible loss of data".
there are 75+ of them and they are likely all harmless
and/or intentional (usually plain obvious too)
C4996: fixme! warnings about deprecated functions, currently only for GetVersion..
that use outdated SSL/TLS protocols (eg: TLSv1.0) and ciphers.
The default settings are to warn in all cases: users connecting,
opers /OPER'ing up and servers linking in. The user will see a message
telling them to upgrade their IRC client.
This should help with migrating such users since in the future, say one
or two years from now, we would want to change the default to only allow
TSLv1.2+ with ciphers that provide Forward Secrecy. Instead of rejecting
clients without any error message, this provides a way to warn them and
give them some time to upgrade their outdated IRC client.
https://www.unrealircd.org/docs/Set_block#set::outdated-tls-policy
m_pass and m_topic.c when duplicating strings with a length limit.
+/* strldup(str,max) copies a string and ensures the new buffer
+ * is at most 'max' size, including nul byte. The syntax is pretty
+ * much identical to strlcpy() except that the buffer is newly
+ * allocated.
+ * If you wonder why not use strndup() instead?
+ * I feel that mixing code with strlcpy() and strndup() would be
+ * rather confusing since strlcpy() assumes buffer size including
+ * the nul byte and strndup() assumes without the nul byte and
+ * will write one character extra. Hence this strldup(). -- Syzop
+ */
code clutter and was broken anyway (especially CHROOTDIR)...
For a CHROOTDIR replacement we suggest using AppArmor, SELinux, FreeBSD jails, ..
For a IRC_USER/IRC_GROUP replacement you can use start-stop-daemon or similar.